CVE-2024-8042 - Rapid7 Insight Platform Missing Authorization Vulnerability
CVE ID : CVE-2024-8042 Published : Sept. 9, 2024, 3:15 p.m. | 1 hour, 14 minutes ago Description : Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an empty user group being added to the incorrect customer. This vulnerability is remediated as of August 14, 2024. Severity: 2.4 | LOW Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-8042
Published : Sept. 9, 2024, 3:15 p.m. | 1 hour, 14 minutes ago
Description : Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an empty user group being added to the incorrect customer. This vulnerability is remediated as of August 14, 2024.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Sept. 9, 2024, 3:15 p.m. | 1 hour, 14 minutes ago
Description : Rapid7 Insight Platform versions between November 2019 and August 14, 2024 suffer from missing authorization issues whereby an attacker can intercept local requests to set the name and description of a new user group. This could potentially lead to an empty user group being added to the incorrect customer. This vulnerability is remediated as of August 14, 2024.
Severity: 2.4 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
